Dear all,
image4pwd project already finished; slides were prepared, source codes are uploaded, and all tests were done…
For whom wants have source codes and presentation, you can download it from :
HERE
Online test link :
HERE
Hopefully, everyone learnt a lot of things from this cooperation. The most important thing in the work studies is to be placed oneself in right position. Otherwise, there will be always a problem among group members.
We just started a new year, with new wishes and new life. With wishes someone who does not have new wishes can have wishes in this new year…
—-ON BEHALF OF IMAGE4PWD TEAM,
HAKKI
HCK, 2008/1/14 2.47AM
+++++++++++++++++++++++++++++++++++++++++++++++++++++
the newest process.php
you can see the result at http://wfuny.ifastnet.com/project/form.html
<html> <head> <title>...:... Image4PWD Login System v0.1 ...:...</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <link href="stil.css" rel="stylesheet" media="screen"></head> <body><table width="100%" height="100%"> <td align="center" valign="middle"> <form><fieldset class=""><legend>RESULTS</legend><label class="preField"> // CONNECT DATABASE $db_host = 'sql3.ifastnet.com'; $db_user = 'if_1297013'; $db_pass = '*****************'; $db_name = 'if_1297013_image4pwd'; $link = mysql_connect ($db_host,$db_user,$db_pass) or die('No connection'.mysql_error()); mysql_select_db($db_name)or die('No connection['.DB_DATABASE.']:'.mysql_error()); // REGISTER PROCESS if ($_POST["action"] == "register") { // PROCESS if($_POST['username']!="" && $_POST['password']!="" && $size = $_FILES['image_file']['size']!=0) { $username=$_POST['username']; $password=$_POST['password']; $IsHaveUser = false; $data_count=0; // GET FILE FROM DATABASE AND CHECK USERNAME $sql1 = "SELECT * FROM admin"; $query1 = mysql_query($sql1); while ($result = mysql_fetch_array($query1) ) { $data_count++; if ( $result['username'] == $username) { $IsHaveUser = true; echo "The username has already been used.<BR> Please change your username.<BR>"; } } if ($IsHaveUser == false) { //OPEN THE FILE THAT USER UPLOAD $tempfile = $_FILES['image_file']['tmp_name']; $handle = fopen($tempfile, "r"); $Fsize=filesize($tempfile); $contents = fread($handle, $Fsize); fclose($handle); // echo $contents; //CREATE A FILE TO SAVE $picName = "$data_count".".chu"; $handle2 = fopen($picName, "w"); //RANDOM SELECTING THE BITS OF THE IMAGE $pos=0; $time_sec=time(); //echo 'time:'."$time_sec <BR>"; srand($time_sec); while($pos < $Fsize) { //echo $contents[$pos]; fwrite($handle2,$contents[$pos],1); $pos = $pos + rand(1,10); } fclose($handle2); //PUT ENCRYPTED DATA TO THE DATABASE $sql = "INSERT INTO admin (username, password, pic_name , randseed) VALUES ('$username', '$password','$picName', '$time_sec')"; mysql_query($sql); echo "REGISTRATION SUCCEEDED !!! <br> You are a member of IMAGE4PWD now ... "; } } else { echo "ERROR !!! Please key in your username, password and state RIGHT path of an image file... <BR>"; } mysql_close(); } // LOGIN PROCESS elseif ($_POST["action"] == "login") { if($_POST['username']!="" && $_POST['password']!="" && $size = $_FILES['image_file']['size']!=0) { // LETS MAKE OUR CODE SAFE FROM SQL INJECTION function make_safe($variable) { $variable = addslashes(trim($variable)); return $variable; } //GET USER INFO $username = make_safe($_POST['username']); $password = make_safe($_POST['password']); // READ IMAGE $tempfile = $_FILES['image_file']['tmp_name']; $handle = fopen($tempfile, "r"); $Fsize = filesize($tempfile); $contents = fread($handle, $Fsize); fclose($handle); // GET FILE FROM DATABASE AND CHECK USERNAME & PASSWORD $IsRightPass = false; $sql1 = "SELECT * FROM admin "; $query1 = mysql_query($sql1); while ($result = mysql_fetch_array($query1) ) { if ( $result['username']==$username && $result['password']==$password) { //echo "Username : ".$result['username']."<BR>"; //echo "Password : ".$result['password']."<BR>"; //echo "File Name : ".$result['pic_name']."<BR>"; //echo "Randseed : ".$result['randseed']."<BR>"; $IsRightPass = true; $randseed=$result['randseed']; $image_enc_file=$result['pic_name']; } } if ($IsRightPass == true) { //OPEN ENCRYPTED FILE $handle2 = fopen($image_enc_file, "r"); $encrypted_content = fread($handle2, filesize($image_enc_file)); //echo $encrypted_content; //ENCRYPT IMAGE HERE AGAIN $pos = 0; $element = 0; srand($randseed); while($pos < $Fsize) { if ( $contents[$pos] != $encrypted_content [$element] ) { $IsRightPass = false; break; } else { //echo $contents[$pos]; $pos = $pos + rand(1,10); $element ++ ; } } } //SHOW LOGIN SUCCEEDED OR NOT if ($IsRightPass==true) echo "<BR> LOGIN SUCCEEDED !!! <BR>"; else echo "<BR> LOGIN FAILED !!! <BR>"; mysql_close(); } else { echo "ERROR !!! Please key in your username, password and state RIGHT path of an image file... <BR>"; } } </label></fieldset></form> </td></table> </body> </html>
wfuny 1/11
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Here we're almost done guys… Following the source code of Image4PWD … However, I used css template for fancy forms and i combined the register.php and login.php as "process.php" and loginform.html and registerform.html as "form.html" in a one file… Moreover, we have stil.css (Conifers I have 'green' inside for you :)) and sql_db_image4pwd file which includes the tables of sql that you should import before testing, you can download it from undermost part which you edit this page -you will see 'files' button; just click and download…
However, there is a problem about register processing. login process works fine… I am uploading process.php anyway; because i may oversleep tomorrow :) just in case if you wanna come here and see is there anything new… I named our project's version as 'v0.1'…
Don't forget to update your mysql settings…
Happy ! Happy ! Happy ! :)
form.html
<html> <head> <title>...:... Image4PWD Login System v0.1 ...:...</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <link href="stil.css" rel="stylesheet" media="screen"></head> <body><table width="100%" height="100%"> <td align="center" valign="middle"> <form name="login_form" method="post" action="process.php" enctype="multipart/form-data" id="wf_FormGardenDemonst"> <input type="hidden" name="action" value="register"> <p class="headtitle">IMAGE4PWD v0.1 - A new idea for login systems</p> <div id="wf_" class=""> <div class="instructions"><em>Here is the register form. Before you try to get into the system, please register. And test it in login form !!!</em></div> <fieldset id="image4pwd" class=""> <legend>REGISTER FORM</legend> <span class="oneField"><div class="field-hint-inactive" id="wf_Name-H"><div></div></div> <label for="wf_Name" class="preField">USERNAME</label> <input type="text" id="wf_Name" name="username" value="" size="" class="required"><span class="reqMark">*</span> <br></span> <span class="oneField"><div class="field-hint-inactive" id="wf_PhoneNumber-vshons-H"><div></div></div> <label for="wf_PhoneNumber-vshons" class="preField">PASSWORD</label> <input type="password" id="wf_PhoneNumber-vshons" name="password" value="" size="" class=""><span class="reqMark">*</span><br></span> <span class="oneField"> <label for="wf_Address" class="preField">IMAGE PATH</label><input type="file" name="image_file" id="wf_Address" class="required"/><span class="reqMark">*</span><br></span> </fieldset> </div> <div class="actions"><input type="submit" class="primaryAction" value="Send"> <input type="reset" class="primaryAction" value="Reset"></div> </form> <br> <form name="login_form" method="post" action="process.php" enctype="multipart/form-data" id="wf_FormGardenDemonst"> <input type="hidden" name="action" value="login"> <div id="wf_" class=""> <div class="instructions"><em>Here is the login form. If you already a member of Image4PWD, fill here...</em></div> <fieldset id="image4pwd" class=""> <legend>LOGIN FORM</legend> <span class="oneField"><div class="field-hint-inactive" id="wf_Name-H"><div></div></div> <label for="wf_Name" class="preField">USERNAME</label> <input type="text" id="wf_Name" name="username" value="" size="" class="required"><span class="reqMark">*</span> <br></span> <span class="oneField"><div class="field-hint-inactive" id="wf_PhoneNumber-vshons-H"><div></div></div> <label for="wf_PhoneNumber-vshons" class="preField">PASSWORD</label> <input type="password" id="wf_PhoneNumber-vshons" name="password" value="" size="" class=""><span class="reqMark">*</span><br></span> <span class="oneField"> <label for="wf_Address" class="preField">IMAGE PATH</label><input type="file" name="image_file" id="wf_Address" class="required"/><span class="reqMark">*</span><br></span> </fieldset> </div> <div class="actions"><input type="submit" class="primaryAction" value="Send"> <input type="reset" class="primaryAction" value="Reset"></div> </form> </td></table> </body> </html>
process.php
<html> <head> <title>...:... Image4PWD Login System v0.1 ...:...</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <link href="stil.css" rel="stylesheet" media="screen"></head> <body><table width="100%" height="100%"> <td align="center" valign="middle"> <form><fieldset class=""><legend>RESULTS</legend><label class="preField"> // CONNECT DATABASE $db_host = 'localhost'; $db_user = 'root'; $db_pass = ''; $db_name = ''; $link = mysql_connect ($db_host,$db_user,$db_pass) or die('No connection'.mysql_error()); mysql_select_db($db_name)or die('No connection['.DB_DATABASE.']:'.mysql_error()); // REGISTER PROCESS if ($_POST["action"] == "register") { // PROCESS if($_POST['username']!="" && $_POST['password']!="" && $size = $_FILES['image_file']['size']!=0) { $username=$_POST['username']; $password=$_POST['password']; $IsHaveUser = false; $data_count=0; // GET FILE FROM DATABASE AND CHECK USERNAME $sql1 = "SELECT * FROM admin"; $query1 = mysql_query($sql1); while ($result = mysql_fetch_array($query1) ) { $data_count++; if ( $result['username'] == $username) { $IsHaveUser = true; echo "The username has already been used.<BR> Please change your username.<BR>"; } } if ($IsHaveUser == false) { //OPEN THE FILE THAT USER UPLOAD $tempfile = $_FILES['image_file']['tmp_name']; $handle = fopen($tempfile, "r"); $Fsize=filesize($tempfile); $contents = fread($handle, $Fsize); fclose($handle); // echo $contents; //CREATE A FILE TO SAVE $picName = "$data_count".".chu"; $handle2 = fopen($picName, "w"); //RANDOM SELECTING THE BITS OF THE IMAGE $pos=0; $time_sec=time(); echo 'time:'."$time_sec <BR>"; srand($time_sec); while($pos < $Fsize) { echo $contents[$pos]; fwrite($handle2,$contents[$pos],1); $pos = $pos + rand(1,10); } fclose($handle2); //PUT ENCRYPTED DATA TO THE DATABASE $sql = "INSERT INTO admin (username, password, image_enc_file , randseed) VALUES ('$username', '$password','$picName', '$time_sec')"; mysql_query($sql); echo "REGISTRATION SUCCEEDED !!! <br> You are a member of IMAGE4PWD now ... "; } } else { echo "ERROR !!! Please key in your username, password and state path of an image file... <BR>"; } mysql_close(); } // LOGIN PROCESS elseif ($_POST["action"] == "login") { // LETS MAKE OUR CODE SAFE FROM SQL INJECTION function make_safe($variable) { $variable = addslashes(trim($variable)); return $variable; } //GET USER INFO $username = make_safe($_POST['username']); $password = make_safe($_POST['password']); // READ IMAGE $tempfile = $_FILES['image_file']['tmp_name']; $handle = fopen($tempfile, "r"); $Fsize = filesize($tempfile); $contents = fread($handle, $Fsize); fclose($handle); // GET FILE FROM DATABASE AND CHECK USERNAME & PASSWORD $IsRightPass = false; $sql1 = "SELECT * FROM admin "; $query1 = mysql_query($sql1); while ($result = mysql_fetch_array($query1) ) { if ( $result['username']==$username && $result['password']==$password) { echo "Username : ".$result['username']."<BR>"; echo "Password : ".$result['password']."<BR>"; echo "File Name : ".$result['image_enc_file']."<BR>"; echo "Randseed : ".$result['randseed']."<BR>"; $IsRightPass = true; $randseed=$result['randseed']; $image_enc_file=$result['image_enc_file']; } } if ($IsRightPass == true) { //OPEN ENCRYPTED FILE $handle2 = fopen($image_enc_file, "r"); $encrypted_content = fread($handle2, filesize($image_enc_file)); //echo $encrypted_content; //ENCRYPT IMAGE HERE AGAIN $pos = 0; $element = 0; srand($randseed); while($pos < $Fsize) { if ( $contents[$pos] != $encrypted_content [$element] ) { $IsRightPass = false; break; } else { //echo $contents[$pos]; $pos = $pos + rand(1,10); $element ++ ; } } } //SHOW LOGIN SUCCEEDED OR NOT if ($IsRightPass==true) echo "<BR> LOGIN SUCCEEDED !!! <BR>"; else echo "<BR> LOGIN FAILED !!! <BR>"; mysql_close(); } </label></fieldset></form> </td></table> </body> </html>
HCK 1-12 3.46 AM
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
the newest register php (adding check the username already had, and different encryption file name)
you can see the result at http://wfuny.ifastnet.com/project/register.html
// OPEN DATABASE $db_host = 'sql3.ifastnet.com'; $db_user = 'if_1297013'; $db_pass = '************'; $db_name = 'if_1297013_image4pwd'; $link = mysql_connect ($db_host,$db_user,$db_pass) or die('No connection'.mysql_error()); mysql_select_db($db_name)or die('No connection['.DB_DATABASE.']:'.mysql_error()); // PROCESS if($_POST['username']!="" && $_POST['password']!="") { $username=$_POST['username']; $password=$_POST['password']; $IsHaveUser = false; $data_count=0; // GET FILE FROM DATABASE AND CHECK USERNAME $sql1 = "SELECT * FROM admin "; $query1 = mysql_query($sql1); while ($result = mysql_fetch_array($query1) ) { $data_count ++; if ( $result['username'] == $username) { $IsHaveUser = true; echo "The username has already been used.<BR> Please change your username.<BR>"; } } if ($IsHaveUser == false) { //OPEN THE FILE THAT USER UPLOAD $tempfile = $_FILES['image_file']['tmp_name']; $handle = fopen($tempfile, "r"); $Fsize=filesize($tempfile); $contents = fread($handle, $Fsize); fclose($handle); echo $contents; echo "<BR>+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++<BR>"; //OPEN A FILE TO SAVE $picName = "$data_count".".chu"; $handle2 = fopen($picName, "w"); //RANDOM SELECTING THE BITS OF THE IMAGE $pos=0; $time_sec=time(); echo 'time:'."$time_sec <BR>"; srand($time_sec); while($pos < $Fsize) { echo $contents[$pos]; fwrite($handle2,$contents[$pos],1); $pos = $pos + rand(1,10); } fclose($handle2); //PUT THE SOLUTION TO THE DATABASE $sql = "INSERT INTO admin (username, password, pic_name , randseed) VALUES ('$username', '$password','$picName', '$time_sec')"; mysql_query($sql); echo "Successful"; } } else { echo "Please key in your username, password and upload one image.<BR>"; }
wfuny 1/11
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
And now i can check ALL THE INFORMATION by using following code
you can see the result at http://wfuny.ifastnet.com/project/login.html
the only one question remain is the file name of the encrypted file.
i hope you can deal with it, thanks.
//GET USER INFO $username = $_POST['username']; $password = $_POST['password']; // READ IMAGE $tempfile = $_FILES['image_file']['tmp_name']; $handle = fopen($tempfile, "r"); $Fsize = filesize($tempfile); $contents = fread($handle, $Fsize); fclose($handle); // OPEN DATABASE $db_host = 'sql3.ifastnet.com'; $db_user = 'if_1297013'; $db_pass = '***************'; $db_name = 'if_1297013_image4pwd'; $link = mysql_connect ($db_host,$db_user,$db_pass) or die('No connection'.mysql_error()); mysql_select_db($db_name)or die('No connection['.DB_DATABASE.']:'.mysql_error()); // GET FILE FROM DATABASE AND CHECK USERNAME & PASSWORD $IsRightPass = false; $sql1 = "SELECT * FROM admin "; $query1 = mysql_query($sql1); while ($result = mysql_fetch_array($query1) ) { if ( $result['username']==$username && $result['password']==$password) { echo $result['username']."<BR>"; echo $result['password']."<BR>"; echo $result['pic_name']."<BR>"; echo $result['randseed']."<BR>"; $IsRightPass = true; $randseed=$result['randseed']; $pic_name=$result['pic_name']; } } if ($IsRightPass == true) { //OPEN ENCRYPTED FILE $handle2 = fopen($pic_name, "r"); $encrypted_content = fread($handle2, filesize($pic_name)); //echo $encrypted_content; //ENCRYPT IMAGE HERE AGAIN echo "<BR>ENCRYPT IMAGE AGAIN..................................<BR>"; $pos = 0; $element = 0; srand($randseed); while($pos < $Fsize) { if ( $contents[$pos] != $encrypted_content [$element] ) { $IsRightPass = false; break; } else { //echo $contents[$pos]; $pos = $pos + rand(1,10); $element ++ ; } } } //SHOW LOGIN SUCCEEDED OR NOT if ($IsRightPass==true) echo "<BR> LOGIN SUCCEEDED <BR>"; else echo "<BR> LOGIN FAILED <BR>";
wfuny 1/11
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
HCK ,now i can get information of certain data by using following code, but it may be wasting time.
$sql1 = "SELECT * FROM admin ";
$query1 = mysql_query($sql1);
while ($result = mysql_fetch_array($query1) ) {
if ( $result['username']==$username && $result['password']==$password)
{
echo $result['username']."<BR>";
echo $result['password']."<BR>";
echo $result['pic_name']."<BR>";
echo $result['randseed']."<BR>";
}
wfuny 1/11
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Hmm…
I just want to check that:
How many kinds of blank will appear in Register Page & Login Page typed by user?
** 3 for both of them : username, password, image path… (HCK 1/11)
Conifers 1/11
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
the newest version of the register…..
// OPEN DATABASE $db_host = 'sql3.ifastnet.com'; $db_user = 'if_1297013'; $db_pass = '***********'; $db_name = 'if_1297013_image4pwd'; $link = mysql_connect ($db_host,$db_user,$db_pass) or die('No connection'.mysql_error()); mysql_select_db($db_name)or die('No connection['.DB_DATABASE.']:'.mysql_error()); // PROCESS if(isset($_POST)) { $username=$_POST['username']; $password=$_POST['password']; //OPEN THE FILE THAT USER UPLOAD $tempfile = $_FILES['image_file']['tmp_name']; $handle = fopen($tempfile, "r"); $Fsize=filesize($tempfile); $contents = fread($handle, $Fsize); fclose($handle); echo $contents; echo "<BR>+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++<BR>"; //OPEN A FILE TO SAVE $picName = "test.chu"; $handle2 = fopen($picName, "w"); //RANDOM SELECTING THE BITS OF THE IMAGE $pos=0; $time_sec=time(); echo 'time:'."$time_sec <BR>"; srand($time_sec); while($pos < $Fsize) { echo $contents[$pos]; fwrite($handle2,$contents[$pos],1); $pos = $pos + rand(1,10); } fclose($handle2); //PUT THE RESULT TO THE DATABASE $sql = "INSERT INTO admin (username, password, pic_name , randseed) VALUES ('$username', '$password','$picName', '$time_sec')"; mysql_query($sql); echo "Successful"; } else { echo "UNSuccessful"; }
wfuny 1/9
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Here is the login script :
$db_host = 'localhost'; $db_user = 'root'; $db_pass = 'triadpass'; $db_name = 'image4pwd'; $link = mysql_connect ($db_host,$db_user,$db_pass) or die('No connection'.mysql_error()); mysql_select_db($db_name)or die('No connection['.DB_DATABASE.']:'.mysql_error()); //GET USER INFO $username = $_POST['username']; $password = $_POST['password']; // READ IMAGE $tempfile = $_FILES['image_file']['tmp_name']; $handle = fopen($tempfile, "r"); $contents = fread($handle, filesize($tempfile)); fclose($handle); //ENCRYPT IMAGE HERE AGAIN $pos=0; $time_sec=time(); echo 'time:'."$time_sec <BR>"; srand($time_sec); while($pos < $Fsize) { echo $contents[$pos]; $pos = $pos + rand(1,10); } // CHECK FOR USER FROM DATABASE $sql = "SELECT * FROM admin WHERE username = '$username' AND password = 'password' AND image_contents = '$time_sec'"; $query = mysql_query($sql); $user_id = mysql_result($query,0,"id"); if (mysql_num_rows($query) == 1) { header('Location: HAHAHAHAHA ! YOUSECCESSFULLYLOGIN.COM'); // LOCATE HIMMMM !!! exit; }
HCK, 1-9
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
i have write the encrytion method by random
if you what to see the result , go to http://www.wfuny.ifastnet.com/project/Encrypt.html
and just remember $time_sec to the database .
Encrypt.html
<html> <head> <title>讀檔頁面</title> </head> <body> <form name="upload" action="Encrypt.php" method="post" enctype="multipart/form-data" onsubmit="return check();"> The file you want to encrypt:<br > <input type="file" name="image_file"> <input type="submit" name="Submit" value="Read" > </form> </body> </html>
Encrypt.php
$filename = $_FILES['image_file']['tmp_name']; $handle = fopen($filename, "r"); if ($handle) { echo '$_FILES[\'image_file\'][\'tmp_name\'] ='.$_FILES['image_file']['tmp_name']; echo '<br>$_FILES[\'image_file\'][\'name\']='.$_FILES['image_file']['name'].'<br>CONTENTS: <br>'; $Fsize=filesize($filename); $contents = fread($handle,$Fsize); fclose($handle); echo $contents; echo "<BR>++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++<BR>"; echo "Encrypt Data<BR>"; $pos=0; $time_sec=time(); echo 'time:'."$time_sec <BR>"; srand($time_sec); //echo rand(1,10)."<BR>"; //echo rand(1,10)."<BR>"; while($pos < $Fsize) { echo $contents[$pos]; $pos = $pos + rand(1,10); } } else echo "開啟檔案失敗!";
--wfuny-—1/8
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Here it is :)
http://linux.tnc.edu.tw/techdoc/banic/mathematical/mt_rand.html
http://linux.tnc.edu.tw/techdoc/banic/mathematical/mt_srand.html
and more about it (HCK 1-8)
http://tw2.php.net/manual/tw/function.rand.php
Conifers 1/8
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
i'will save file as temp.chu and just put it's name into the database
The save file is not like a picture,and i 'll enrypt it. therefore,don't worry about it's safety.
now i just want to find whether PHP has the random seed like C
such as srand(number) in C;
and PHP has time function??
--wfuny-—1/8
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
however, the problem is that we cannot put image's contents into database. wfuny, what you did is actually just adding the name of file. we don't need this, you know…
HCK 1-8
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Here is the reply about encryption algorithms from my Calculus teacher Dr. Chen :
Hello. Glad to be asked something about encryptions. > We are designing such a system that we have to use an image to log > into the system. At the registration procedure, system is going to > encrypt image as hashing. Idea could be interesting for further > steps; this is just core now. > But, What I am looking for is an interesting encryption algorithm > now. Do you have any idea about it ? Could you suggest anything to > us ? It is not > necessary to be a really tough algorithm, because this is not our job right > now. We are just looking for something fancy or interesting... Let me clarify one thing: Do you need an encryption algorithm accompanied by a corresponding decryption algorithm? Or you need a hash function, for which decryption is not necessary? For encryption systems, there are two categories: Block Ciphers and Stream Ciphers. AES and DES are most widedly used block ciphers today. AES has block size of 128 bits, while DES has block size of 64 bits. There are a lot of stream ciphers. RC4 is one of the most famous of those. For hash functions, MD5 with 128-bit output was popular but no longer so in these years. SHA-1 with 160-bit output is prevalent, but will be replaced by SHA-256, SHA-384, or SHA-512 sooner or later. Open source codes of all of the above algorithms are available on the internet. JM
HCK 1-8
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
i have check your code and change it. The following is the code.
$db_host = 'sql3.ifastnet.com'; $db_user = 'if_1297013'; $db_pass = '*************'; $db_name = 'if_1297013_image4pwd'; $link = mysql_connect ($db_host,$db_user,$db_pass) or die('無法連接到資料庫:'.mysql_error()); mysql_select_db($db_name)or die('無法選擇資料庫['.DB_DATABASE.']:'.mysql_error()); if(isset($_POST)) { $username=$_POST['username']; $password=$_POST['password']; $tempfile = $_FILES['image_file']['tmp_name']; $handle = fopen($tempfile, "r"); $contents = fread($handle, filesize($tempfile)); fclose($handle); echo $contents; $filename = $_FILES['image_file']['name']; $sql = "INSERT INTO userdata (username, password,picture) VALUES ('$username', '$password','$filename')"; mysql_query($sql); echo "Successful"; } else { echo "UNSuccessful"; }
--wfuny-—1/8
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
does php has the random seed like C, if it has can anyone help me to find it how to use,you can just post it code to the wiki , i want to use it to encryption, thanks.
--wfuny-—1/7
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
i think you may be wrong at $db_host = 'localhost';
you can add " or die('無法連接到資料庫:'.mysql_error()); " to check.
--wfuny-—1/7
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
i can add data to database like that , but we have to first create table 'telephone' and column 'name' 'pass'
$db_host = 'sql3.ifastnet.com'; $db_user = 'if_1297013'; $db_pass = '**************'; $db_name = 'if_1297013_image4pwd'; $link = mysql_connect ($db_host,$db_user,$db_pass) or die('無法連接到資料庫:'.mysql_error()); mysql_select_db($db_name)or die('無法選擇資料庫['.DB_DATABASE.']:'.mysql_error()); $username='test'; $password='test3'; $sql = "INSERT INTO telephone (name, pass) VALUES ('$username', '$password')"; mysql_query($sql); echo "Successful";
--wfuny-—1/7
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
I have uploaded a powerpoint example file
you have to change it format to .ppt,and you can get it by cilck file tag.
--wfuny-—1/7
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
It is not about it, man. For example, if I take the file processing codes out, then it works. otherwise, it doesn't work…
HCK 1-7
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Hmm…
Have you set the privilige for the database you want to save?(you can write into it)
Conifers 1/7
+++++++++++++++++++++++++++++++++++++++++++++++++++++++
Hey, guys…
We have problem now. We cannot add contents to database. I don't know why, but there is always something wrong. I think, maybe the problem is about table type pf Mysql. Because i never tried to add something like that before, i don't know why it is ? Lets search together… Here is the code :
<html> <head> <title>Image4PWD Login System</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head> <body> <form name="upload" action="register_process.php" method="post" enctype="multipart/form-data" onSubmit="return check();"> Login<br> USERNAME<input type="text" name="username" size="20"><br> PASS<input type="password" name="password" size="20"><br> IMAGE<input type="file" name="image_file"><br> <input type="submit" name="Submit" value="Send" > </form> </body> </html>
$db_host = 'localhost'; $db_user = 'root'; $db_pass = 'triadpass'; $db_name = 'image4pwd'; mysql_connect ($db_host,$db_user,$db_pass); mysql_select_db($db_name); if(isset($_POST)) { $username=$_POST['username']; $password=$_POST['password']; $filename = $_FILES['image_file']['tmp_name']; $handle = fopen($filename, "r"); $contents = fread($handle, filesize($filename)); fclose($handle); echo $contents; $sql = "INSERT INTO admin (username, password, image_contents ) VALUES ('$username', '$password', '$contents')"; mysql_query ($sql) or die ("Error"); echo "Successful"; } else { echo "UNSuccessful"; }
HCK, 1-7
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
I think username is necessary because it is much easier to check whether this name is used or not when register, and save much time for checking.
And password is for more security. If you don't want it, you can delete it.
--wfuny-—- 1/4
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
That's why I want to use database, man. Actually database is not the most efficient way, but it is the easiest and fastest way for our case, I think. However, I am working on it, now.
Just an idea : why don't we ignore username for our login system ? We can say image will identify the user -and there are some reasons for that ? Because, we should find a good reason out to present this idea, I think it doesn't make sense it just seems as different from traditional login systems….
However, I want to patch up our login system to flickr or other web-album websites…
I am going to post a diagram here as soon as possible. But, the first thing, we should finish the base; after that we can improve our idea ;)
HCK, 1-4
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
When a person register and submit it , i think we have to save three item
1.username
2.password
3.the name of the picture(maybe it is generated by random)
4.if needed ,we can add something else,like encryption random seed.
And anser to the question ,why to encrypt,that is because we can save it as less space . If our sever is crack by others, the file user use will not be taken by others.
--wfuny-—- 1/4
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
i find if we use encoding method i mention before , that is step is increase one per unit (step++) , we might get too few code, so i chage it as
step = (step+1)%10;
You can see the result of following code at : http://wfuny.ifastnet.com/project/Encrypt.html
and i hope we can finish this project in this week.
$filename = $_FILES['image_file']['tmp_name']; $handle = fopen($filename, "r"); if ($handle) { echo '$_FILES[\'image_file\'][\'tmp_name\'] ='.$_FILES['image_file']['tmp_name']; echo '<br>$_FILES[\'image_file\'][\'name\']='.$_FILES['image_file']['name'].'<br>CONTENTS: <br>'; $Fsize=filesize($filename); $contents = fread($handle,$Fsize); fclose($handle); echo $contents; echo "<BR>++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++<BR>"; echo "Encrypt Data<BR>"; $pos=0; $add=1; while($pos < $Fsize) { echo $contents[$pos]; //echo "pos:".$pos."<BR>"; $pos = $pos + $add; $add=($add+1)%10; } } else echo "開啟檔案失敗!";
--wfuny-—- 1/2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
myfile 即為index.php中的檔案欄位名稱,也就是說若你將檔案欄位名稱命名為ourfile,這裡的各個資訊便需使用$_FILES['ourfile']['xxx']。
其中的:
$_FILES['myfile']['name'] 這是使用者上傳的原始檔案名稱。
$_FILES['myfile']['size'] 為檔案大小,單位為Byte。
$_FILES['myfile']['tmp_name'] 為檔案上傳完畢後於伺服器中暫存的位置。
$_FILES['myfile']['type'] 為檔案的MIME格式。
$_FILES['myfile']['error'] 檔案上傳的錯誤代碼,在後面我們會針對這個變數的值做處理(PHP 4.2.0以上版本才支援)。
--wfuny-—- 1/2
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Hello, guys !!!
Here are the simple source codes for the question wfuny asked :
OPENFILE.PHP
$filename = $_FILES['image_file']['tmp_name']; $handle = fopen($filename, "r"); if ($handle) { echo '$_FILES[\'image_file\'][\'tmp_name\'] ='.$_FILES['image_file']['tmp_name']; echo '<br>$_FILES[\'image_file\'][\'name\']='.$_FILES['image_file']['name'].'<br>CONTENTS: <br>'; $contents = fread($handle, filesize($filename)); fclose($handle); echo $contents; } else echo "開啟檔案失敗!";
FORM.HTML
<html> <head> <title>讀檔頁面</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head> <body> <form name="upload" action="openfile.php" method="post" enctype="multipart/form-data" onSubmit="return check();"> 讀取的檔案:<br > <input type="file" name="image_file"> <input type="submit" name="Submit" value="讀檔" > </form> </body> </html>
Here is the test link :
[http://members.lycos.co.uk/hckir/form.html]
But, this code doesn't copy image to server. It just reads it as temp file. But, for further step, i think we need to work with databases and a version which copies image temporarily and deletes it…
Any other idea ???
HCK, 08-1-2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
i find we can use following code to read the *.jpg file
<HTML> <BODY> $filename = "ball.jpg"; $handle = fopen($filename, "r"); //開啟檔案 if ($handle) //如果開啟成功,讀取全部內容 { $contents = fread($handle, filesize($filename)); fclose($handle); echo $contents; } else echo "開啟檔案失敗!"; </BODY> </HTML>
if you want to see the result ,go to http://wfuny.ifastnet.com/project/OpenFile.php
and you can see the ball.jpg at http://wfuny.ifastnet.com/project/ball.jpg
and we can use the encryption method I mention below to encrypt.
Now the only question is how can we get the file from other people's computer,that is
we already write the HTML
<html> <head> <title>讀檔頁面</title> </head> <body> <form name="upload" action="./test2.php" method="post" enctype="multipart/form-data" onsubmit="return check();"> 讀取的檔案:<br > <input type="file" name="file"> <input type="submit" name="Submit" value="讀檔" > </form> </body> </html>
So , how can we write the test2.php to get the file.
-wfuny- 12/31
+++++++++++++++++++++++++++++++++++++++
I have an ideal , that is if we have a picture(or file),which code is
file begin………………………………………….
??dfsegfdeadfasdafsd/'dfasdfasdf?dasfd"
file end……………………………………………
then we can chose 1,2,4,7,10,14,….digit to remember and generate a save file like showing below
digit
1 2 4 7 10 14
? ? f g e a ………………………..
so we generate encryption file
file begin………………………………………….
??fgea…
file end……………………………………………
if you want to add the shift method to the problem , it's also ok.
but now we have a problem , how can we get the code in the picture,in C the instruction must like
picture : Bitmap ^originalImage = gcnew Bitmap("lena.jpg");
file : getch(); or scanf("%c",&ch);
-wfuny- 12/31
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Hey, guys …
We should think about "image hashing". It can help us. Just search about it. We should find out a way which we can transform image into numbers… And of course which one is the best way… Go go go go go !~ don't have too much time ;)
++++++++++++++++++++++++++++++++++++++++++2007.12.30
An Intro to daya-image-video encryption :
Go to see
++++++++++++++++++++++++++++++++++++++++++
You can download the PHP File Access file and save as *.ppt, then you can see some structions and example in that powerpoint.
-wfuny-
++++++++++++++++++++++++++++++++++++++++++
Image4Pwd Project Started
Image4Pwd Project started at 2007-12-24 as a term project for Introduction to Computers class in NTU… Project group members are :
b96902133 柯賀祁
b96902071 林易徵
b96902119 朱冠宇
++++++++++++++++++++++++++++++++++++++++++
If this is your first site
Then there are some things you need to know:
- You can configure all security and other settings online, using the Site Manager. When you invite other people to help build this site they don't have access to the Site Manager unless you make them administrators like yourself. Check out the Permissions section.
- Your Wikidot site has two menus, one at the side called 'nav:side', and one at the top called 'nav:top'. These are Wikidot pages, and you can edit them like any page.
- To edit a page, go to the page and click the Edit button. You can change everything in the main area of your page. The Wikidot language is easy to learn but powerful.
- You can attach images and other files to any page, then display them and link to them in the page.
- Every Wikidot page has a history of edits, and you can undo anything. So feel secure, and experiment.
- You can choose different themes in the Site Manager, and you can write your own theme if you know CSS.
- To start a forum on your site, see the Site Manager » Forum.
- The license for this Wikidot site has been set to Creative Commons Attribution-Share Alike 2.5 License. If you want to change this, use the Site Manager.
- If you want to learn more, make sure you visit the Documentation section at www.wikidot.com
If you've already created other sites
Then we don't need to tell you how addictive Wikidot is. But maybe it's worth reminding you of some of the advanced Wikidot features:
- You can run your Wikidot site on its own web domain name.
- You can use Google Analytics to measure traffic going to your site.
- Giving away free wikis is not enough for us — we are also offering you a way to earn money from your wiki using our AdSense implementation.
We hope you enjoy using Wikidot as much as we do. If you want to discuss Wikidot, there's an active community of Wikidot enthusiasts where you can share tips and ideas.
